At first i am interested in professional networking and Network security related things like pen testing and ethical hacking,but at a stage i got bored on it,when i asked about the job opportunities related to the Network security based on certifications like CEH bla bla One of the security guy advised me that those kind of things like "network pen-testing " is dying,you still can do CEH and get a job,but to our standards it wont be a challenging thing to learn and also it don't have a bright feature as like web-application security "...

Also i am much more fascinated in learning things related to web-app security and i tought it would be challenging for me and also it seems this field has a bright feature while compared to Network-pen testing and ethical hacking..

even tough i am a IT student i studied coding related things just to pass the exams,I didn't studied knowledge-fully as during those stage i am much fascinated in Network and Network security related things,

But as now i am realizing that i had made a wrong choice,so i am willing to start my carrier in web-application security related side and also want to sharpen my knowledge on this field

now here are my questions which needs to be addressed

1)where should i build the basic knowledge about the web-applications and web-application security ?

2)As a beginner in this field what are all the languages i should learn in the starting stage? because i know there are many languages like html,php,asp,java script,vb script...

which one will be easy for a beginner like me?

3)Is there any course/CBT videos out there for understanding the basics of these web-application security ?can you guys suggest me any best videos for beginners like me?

4)tell me from your experience,depends on our interest level how long it would take to learn a few of these languages ? because i need to learn them quick ,so that i can try to get a in this field as soon as possible...